On Sat, 25 Dec 2004 21:40:40 -0500, Matthew Miller wrote > On Sat, Dec 25, 2004 at 10:08:00PM +0200, Pekka Savola wrote: > > I noticed this at one site. AFAIK, turning off register_globals > > mitigates this a bit. Unfortunately it was on by default in the > > earlier versions of php.. > > Not sure what we should do (if anything). > > It's off in the default php.ini in php-4.2.2-17.7.legacy. Uhm, wonder why it is on in mine? rpm -q php php-4.2.2-17.7.legacy grep global /etc/php.ini ; Whether or not to register the EGPCS variables as global variables. You may ; want to turn this off if you don't want to clutter your scripts' global scope ; register_globals to be on; Using form variables as globals can easily lead ; register_globals = Off register_globals = On I guess I could turn it off and see what happens. -- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list
